Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/b85cdd-ba4a-458e-a7a8-1e122838a111/1/PBQVQhaFrONoLxYdMQ2ScmzfsJc.mft
File:                     PBQVQhaFrONoLxYdMQ2ScmzfsJc.mft (raw, json)
Hash identifier:          1GetanZttdWrpAVZKqNsi7febGhOoVaVEOtnPoZJTcA=
Subject key identifier:   1C:40:06:64:B9:56:DA:6B:38:15:5E:52:A2:54:D2:95:0A:9F:48:E8
Authority key identifier: 3C:14:15:42:16:85:AC:E3:68:2F:16:1D:31:0D:92:72:6C:DF:B0:97
Certificate issuer:       /CN=3c1415421685ace3682f161d310d92726cdfb097
Certificate serial:       0197488CC4D5CB472DFF820C5E2BAD1C5AA3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PBQVQhaFrONoLxYdMQ2ScmzfsJc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/76/b85cdd-ba4a-458e-a7a8-1e122838a111/1/PBQVQhaFrONoLxYdMQ2ScmzfsJc.mft
Manifest number:          1578
Signing time:             Sat 07 Jun 2025 04:01:14 +0000
Manifest this update:     Sat 07 Jun 2025 04:01:14 +0000
Manifest next update:     Sun 08 Jun 2025 04:01:14 +0000
Files and hashes:         1: PBQVQhaFrONoLxYdMQ2ScmzfsJc.crl (hash: BYnofNg5KKyQfCTUei6aR5aN0bHWBskXKxbRHrPpyK8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/76/b85cdd-ba4a-458e-a7a8-1e122838a111/1/PBQVQhaFrONoLxYdMQ2ScmzfsJc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/76/b85cdd-ba4a-458e-a7a8-1e122838a111/1/PBQVQhaFrONoLxYdMQ2ScmzfsJc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PBQVQhaFrONoLxYdMQ2ScmzfsJc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 00:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:8c:c4:d5:cb:47:2d:ff:82:0c:5e:2b:ad:1c:5a:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3c1415421685ace3682f161d310d92726cdfb097
        Validity
            Not Before: Jun  7 04:01:14 2025 GMT
            Not After : Jun  8 04:01:14 2025 GMT
        Subject: CN=1c400664b956da6b38155e52a254d2950a9f48e8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:d3:6a:b3:10:76:62:23:41:70:ad:c3:5c:3b:
                    1b:d3:50:90:8b:89:ef:6f:4f:b0:0f:4b:ae:88:dc:
                    47:37:bd:88:b9:46:37:c1:9c:44:93:8f:03:ea:f9:
                    f9:ad:6b:42:3c:37:c0:71:3d:15:5d:5f:f4:08:54:
                    88:d8:dd:bb:55:bc:b2:5b:b0:e8:01:26:45:d2:86:
                    a7:52:d3:11:04:6e:3f:9d:d7:94:a6:14:cc:e8:70:
                    3e:9f:1c:0d:ec:3d:1d:3a:c4:32:85:92:3d:4c:53:
                    03:81:31:65:61:8f:87:8c:65:8e:13:c6:ea:4b:bc:
                    94:8e:44:3b:0e:d6:3d:18:67:d3:7a:c3:a6:97:fc:
                    17:e0:ec:27:3a:70:d9:ce:9e:5a:1b:ee:3a:91:d4:
                    19:23:64:95:68:f9:f5:cc:66:4f:96:df:f2:e1:5b:
                    c9:3c:25:e4:09:56:cb:21:cb:a3:d5:7b:db:0c:b5:
                    d5:5d:bf:66:e0:a7:66:c0:a5:e4:35:64:5f:b4:89:
                    51:63:27:28:43:17:3d:72:05:22:dd:22:f4:3a:0a:
                    9b:e3:e1:ac:e9:0d:6c:a1:0d:d5:1b:b2:0c:a7:95:
                    3e:cb:56:f8:ed:29:5d:6e:ce:e2:7a:13:92:3c:72:
                    8d:59:29:d1:2d:41:cc:20:e0:f7:77:ed:49:b4:3e:
                    68:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:40:06:64:B9:56:DA:6B:38:15:5E:52:A2:54:D2:95:0A:9F:48:E8
            X509v3 Authority Key Identifier:
                keyid:3C:14:15:42:16:85:AC:E3:68:2F:16:1D:31:0D:92:72:6C:DF:B0:97

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PBQVQhaFrONoLxYdMQ2ScmzfsJc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/b85cdd-ba4a-458e-a7a8-1e122838a111/1/PBQVQhaFrONoLxYdMQ2ScmzfsJc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/76/b85cdd-ba4a-458e-a7a8-1e122838a111/1/PBQVQhaFrONoLxYdMQ2ScmzfsJc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         41:2f:fb:66:ae:1d:e4:75:32:f1:cb:0a:5e:e0:55:8e:a1:9e:
         d1:71:23:b5:8e:a0:41:f1:08:e3:01:ee:8c:d1:fb:79:6c:c5:
         de:72:fd:85:80:0b:a8:96:37:9f:d0:72:e2:dc:9b:a9:6f:6a:
         de:f0:56:94:fd:0f:9e:53:66:50:fa:1a:e7:45:b2:d3:16:d5:
         ed:10:32:46:da:9a:69:7b:14:75:d1:24:d5:5b:d3:34:ce:72:
         94:e4:73:f9:e0:e6:70:b0:45:f6:2f:57:a9:0d:3f:25:65:48:
         d0:00:a0:9c:06:45:aa:e7:3c:d8:e3:42:59:4b:5c:17:d2:7f:
         37:49:6c:af:34:04:40:93:0e:0e:6c:72:1a:19:d3:8d:95:13:
         d4:de:79:de:e5:23:43:78:8e:16:db:44:7f:b2:a7:45:46:7b:
         71:54:a9:43:5f:f1:3e:59:98:41:08:8c:95:da:4a:35:15:c1:
         e3:5a:08:ab:f4:94:8a:10:4c:00:a8:26:11:50:24:85:69:9f:
         7a:f0:18:98:12:66:e5:22:e9:65:6b:25:18:75:6c:76:bb:04:
         f9:02:b8:e0:76:ec:49:f6:5e:66:1a:d1:d7:41:c7:a6:d3:0b:
         ca:36:63:cd:b6:8c:83:54:fa:9c:f7:15:78:d3:f0:99:79:89:
         5e:04:14:85
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdIjMTVy0ct/4IMXiutHFqjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjMTQxNTQyMTY4NWFjZTM2ODJmMTYxZDMxMGQ5MjcyNmNk
ZmIwOTcwHhcNMjUwNjA3MDQwMTE0WhcNMjUwNjA4MDQwMTE0WjAzMTEwLwYDVQQD
EygxYzQwMDY2NGI5NTZkYTZiMzgxNTVlNTJhMjU0ZDI5NTBhOWY0OGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt9NqsxB2YiNBcK3DXDsb01CQi4nv
b0+wD0uuiNxHN72IuUY3wZxEk48D6vn5rWtCPDfAcT0VXV/0CFSI2N27VbyyW7Do
ASZF0oanUtMRBG4/ndeUphTM6HA+nxwN7D0dOsQyhZI9TFMDgTFlYY+HjGWOE8bq
S7yUjkQ7DtY9GGfTesOml/wX4OwnOnDZzp5aG+46kdQZI2SVaPn1zGZPlt/y4VvJ
PCXkCVbLIcuj1XvbDLXVXb9m4KdmwKXkNWRftIlRYycoQxc9cgUi3SL0Ogqb4+Gs
6Q1soQ3VG7IMp5U+y1b47Sldbs7iehOSPHKNWSnRLUHMIOD3d+1JtD5oYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBxABmS5VtprOBVeUqJU0pUKn0joMB8GA1UdIwQY
MBaAFDwUFUIWhazjaC8WHTENknJs37CXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEJRVlFoYUZyT05vTHhZZE1RMlNjbXpmc0pjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni9iODVjZGQtYmE0YS00NThlLWE3YTgt
MWUxMjI4MzhhMTExLzEvUEJRVlFoYUZyT05vTHhZZE1RMlNjbXpmc0pjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni9iODVjZGQtYmE0YS00NThlLWE3YTgtMWUxMjI4MzhhMTEx
LzEvUEJRVlFoYUZyT05vTHhZZE1RMlNjbXpmc0pjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQS/7Zq4d
5HUy8csKXuBVjqGe0XEjtY6gQfEI4wHujNH7eWzF3nL9hYALqJY3n9By4tybqW9q
3vBWlP0PnlNmUPoa50Wy0xbV7RAyRtqaaXsUddEk1VvTNM5ylORz+eDmcLBF9i9X
qQ0/JWVI0ACgnAZFquc82ONCWUtcF9J/N0lsrzQEQJMODmxyGhnTjZUT1N553uUj
Q3iOFttEf7KnRUZ7cVSpQ1/xPlmYQQiMldpKNRXB41oIq/SUihBMAKgmEVAkhWmf
evAYmBJm5SLpZWslGHVsdrsE+QK44HbsSfZeZhrR10HHptMLyjZjzbaMg1T6nPcV
eNPwmXmJXgQUhQ==
-----END CERTIFICATE-----